Alarm bells have been ringing and share price dropping at Global Payments Inc. with the news that they have been suspended (removed?) from the Visa Service Provider Register because of an identified breach of credit card data.
Bad news indeed for Global Payments and perhaps a certain amount of alarm within the company responsible for the independent auditing of the PCI Compliance status. This is the nightmare scenario that every auditing company faces with a client who is compliant today but by tomorrow has implemented a change or failed to upgrade or apply a patch without abiding by basic security rules.
Another persuasive factor for the auditor and client to work in partnership to increase security thereby facilitating compliance.